[NT] Microsoft IIS Local Cross-site Scripting Vulnerability
From: support@securiteam.comDate: 11/05/02
- Previous message: support@securiteam.com: "[NT] Denial of Service Vulnerability in Xeneo Web Server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Date: 5 Nov 2002 11:48:46 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
Microsoft IIS Local Cross-site Scripting Vulnerability
------------------------------------------------------------------------
SUMMARY
A sample content in the administration page of Microsoft Internet
Information Services is prone to a cross-site scripting vulnerability.
DETAILS
A cross-site scripting vulnerability occurs because a specific ASP file in
the IISHELP virtual directory implemented with Microsoft Internet
Information Services (IIS) does not sanitize external input.
This problem can be triggered if an IIS system administrator views a
specially crafted HTML page containing a hyperlink or through a malicious
HTML formatted mail because the IISHELP virtual directory is restricted to
local access.
In this case, the HTML tag will not be sanitized and will be embedded into
a Web page and rendered by browsers.
If the page is viewed with Internet Explorer, the malicious script will be
executed on the "Intranet" security zone. This will make it possible to
monitor sessions, copy personal data to a third site or run certain types
of local programs.
Solution:
Apply a patch available at: MS02-062 Cumulative Patch for Internet
Information Service (Q327696)
<http://www.microsoft.com/technet/security/bulletin/ms02-062.asp>
http://www.microsoft.com/technet/security/bulletin/ms02-062.asp
ADDITIONAL INFORMATION
The original advisory can be downloaded by going to:
<http://www.lac.co.jp/security/intelligence/SNSAdvisory/58.html>
http://www.lac.co.jp/security/intelligence/SNSAdvisory/58.html
The information has been provided by <mailto:y.arai@lac.co.jp> ARAI Yuu.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: support@securiteam.com: "[NT] Denial of Service Vulnerability in Xeneo Web Server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
